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DETAILED ACTION 

1 . Claims 1 - 27 are presented for examination. 

Claim Objections 

2. Claim 2 is objected to because of the following informalities: Claim 2 is missing section 
(c). It is not sure if the Applicant skipped to (d) but meant (c). Appropriate correction is 
required. 

Drawings 

3. The drawings are objected to under 37 CFR 1.83(a). The drawings must show every 
feature of the invention specified in the claims. Therefore, the "said parallel array of protocol 
processors" must be shown or the feature(s) canceled from the claim(s). No new matter should 
be entered. 

Corrected drawing sheets in compliance with 37 CFR 1. 121(d) are required in reply to 
the Office action to avoid abandonment of the application. Any amended replacement drawing 
sheet should include all of the figures appearing on the immediate prior version of the sheet, 
even if only one figure is being amended. The figure or figure number of an amended drawing 
should not be labeled as "amended." If a drawing figure is to be canceled, the appropriate figure 
must be removed from the replacement sheet, and where necessary, the remaining figures must 
be renumbered and appropriate changes made to the brief description of the several views of the 
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drawings for consistency. Additional replacement sheets may be necessary to show the 
renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an 
application must be labeled in the top margin as either "Replacement Sheet" or "New Sheet" 
pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will 
be notified and informed of any required corrective action in the next Office action. The 
objection to the drawings will not be held in abeyance. 

Claim Rejections - 35 USC § 112 



4. The following is a quotation of the first paragraph of 35 U.S.C 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it 
pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode 
contemplated by the inventor of carrying out his invention. 



5. Claims 9, 14 and 15 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to reasonably convey to one skilled in the 
relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. Claims 9 and 14 recite the limitation of "said intensive data processing 
function one or a combination of functions selected from a group consisting of data encryption, 
decryption, compression, decompression, and protocol translation " There is no written 
description in the specification that states a specific selection from a group. 



Application/Control Number: 09/976,322 Page 4 

Art Unit: 2143 

6. Claim 15 is rejected for its dependency on claim 14. 

7. Claims 21 - 27 are rejected under 35 U.S. C. 112, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter which was not 
described in the specification in such a way as to reasonably convey to one skilled in the relevant 
art that the inventor(s), at the time the application was filed, had possession of the claimed 
invention. The limitation of "said parallel array of protocol processors " is not stated in the 
specification. 

8. The following is a quotation of the second paragraph of 35 U.S. C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention, 

9. Claim 1 and 8 - 15 are rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

10. Regarding claim 1, the phrase "a like" renders the claim(s) indefinite because the claim(s) 
include(s) elements not actually disclosed (those encompassed by "or the like" or "a like"), 
thereby rendering the scope of the claim(s) unascertainable. See MPEP § 2173.05(d). 

11. Claim 8 recites the limitation "the aggregate performance". There is insufficient 
antecedent basis for this limitation in the claim. 



12. 



Claims 9 - 15 are rejected for their dependency on claim 8. 
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Claim Rejections - 35 USC § 102 

13. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

14. Claims 1 - 6, 8, 10 - 13, 16 - 18 and 21 - 24 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Almulhem et al. U.S. Patent No. 658743 1 (hereinafter Almulhem). 

15. Referencing claim 1, as closely interpreted by the Examiner, Almulhem teaches a 
network data processor system comprising a plurality of data packet processors coupled through 
a data switch fabric between network connection processors, wherein said data packet processors 
perform a data processing function over data contained within predetermined data packets, 
wherein said network connection processors include network interfaces coupleable to external 
data transmission networks and wherein said network connection processors provide for the 
selective routing of said predetermined data packets through said data switch fabric to load 
balance the processing of said predetermined data packets by said plurality of data packet 
processors, (e.g., col. 7, lines 10 - 44 & col. 8, lines 30 - 39). 
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16. Referencing claim 2, as closely interpreted by the Examiner, Almulhem teaches a 
network data packet processor system providing for the transfer of packets between first and 
second networks, said network data packet processor system comprising: 

17. a) a data packet switch including pluralities of first and second data ports coupled 
together to provide for the transfer of network data packets between respective first and second 
data ports, (e.g., col. 7, lines 10 - 44); 

18. b) a plurality of data protocol processors coupled to a like plurality of said first data ports 
of said data packet switch, each data protocol processor being coupled to a respective first data 
port through a bidirectional packet transfer interface and including a protocol processing engine 
providing for the selective conversion of data contained within a predetermined network data 
packet, (e.g., col. 7, lines 10 - 44); and 

19. b) input and output data transfer processors coupled to respective second data ports of 
said data packet switch, wherein said input data transfer processor selectively routes network 
data packets from said first network to said plurality of data protocol processors and said output 
data transfer processor routes network data packets from said plurality of protocol processors to 
said second network, and wherein said input data transfer processor balances the load of 
individual network data packets routed to said plurality of data protocol processors, (e.g., col. 7, 
lines 10 - 44 & col. 8, lines 30 - 39). 

20. Referencing claim 3, as closely interpreted by the Examiner, Almulhem teaches a 
network gateway processor comprising: 



Application/Control Number: 09/976,322 Page 7 

Art Unit: 2143 

21. a) a switch providing data routing between input, output, and processing ports, (e.g. col. 
8, lines 40 - 44, "rotator space switch "); 

22. b) an array of protocol processors coupled to respective processing ports, each said 
protocol processor providing for the conversion of network data packets from a first form to a 
second form, (e.g., col. 7, lines 10 - 44 & col. 8, lines 30 - 39); 

23. c) an input processor coupled between a first network and said input port, said input 
processor providing for the load balanced allocation of network data packets received from said 
first network to said array of protocol processors, (e.g., col. 7, lines 10 - 44 & col. 8, lines 30 - 
39); and 

24. d) an output processor coupled between a second network and said output port, wherein 
said array of protocol processors provide network data packets of said second form to said output 
processor for transfer to said second network, (e.g., col. 7, lines 10 - 44 & col. 8, lines 30 - 39). 

25. Referencing claim 4, as closely interpreted by the Examiner, Almulhem teaches said 
input processor selectively associates conversion control data with network data packets 
provided to said array of protocol processors, (e.g., col. 7, lines 10 - 44 & col. 8, lines 30 - 39). 

26. Referencing claim 5, as closely interpreted by the Examiner, Almulhem teaches said 
conversion control data is provided with each network data packet provided to said array of 
protocol processors, (e.g., col. 7, lines 10 - 44 & col. 8, lines 30 - 39). 



Application/Control Number: 09/976,322 Page 8 

Art Unit: 2143 

27. Referencing claim 6, as closely interpreted by the Examiner, Almulhem teaches each said 
protocol processor includes a data form conversion engine and wherein operation of said data 
form conversion engine is defined by predetermined parameters identified by said conversion 
control data and wherein said predetermined parameters are applied to said data form conversion 
engine with respect to a corresponding network data packet, (e.g., col. 7, lines 10 - 44 & col. 8, 
lines 30 - 39). 

28. Referencing claim 8, as closely interpreted by the Examiner, Almulhem teaches a method 
of operating a network gateway coupleable between first and second networks to implement a 
compute intensive data processing function on network data packets transferred between said 
first and second networks, said method comprising: 

29. a) receiving, by a first processor coupleable to said first network, network data packets, 
(e.g., col. 7, lines 22 - 55); 

30. b) selecting, from said received network data packets, predetermined network packets for 
routing through said network gateway, (e.g., col. 7, lines 22 - 55); 

31. c) selectively distributing said predetermined network data packets to a plurality of 
second processors so as to enable utilization of the aggregate performance of said second 
processors in performing said compute intensive data processing function, (e.g., col. 7, lines 22 - 
55 & col. 8, lines 30 - 39); 

32. d) processing, asynchronously, said predetermined network data packets as distributed 
by said plurality of second processors to convert each of said predetermined network data 
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packets in accordance with said compute intensive data processing function to provide converted 
network data packets, (e.g., col. 8, lines 8 - 29); 

33. e) collecting, by a third processor coupleable to said second network, said converted 
network data packets, (e.g., col. 7, lines 22 - 55 & col. 8, lines 30 - 39); and 

34. f) transferring said converted network data packets to said second network, (e.g., col. 8, 
lines 45 - 59). 

35. Referencing claim 10, as closely interpreted by the Examiner, Almulhem teaches said 
compute intensive data processing function is dependent on configuration parameters and 
wherein said method further comprising the steps of; 

36. a) obtaining said configuration parameters, (e.g., col. 8, lines 8 - 30); and 

37. b) applying said configuration parameters, within said step of processing, to control the 
conversion of each of said predetermined network data packets, (e.g., col. 8, lines 8 - 39, 

''configured policy"). 

38. Referencing claim 1 1, as closely interpreted by the Examiner, Almulhem teaches said 
step of obtaining includes negotiating, by a fourth processor, a set of configuration parameters 
for a predetermined logical connection established through said network gateway between said 
first and second networks and wherein said step of applying includes selecting said set of 
configuration parameters with respect to a predetermined network packet associated with said 
predetermined logical connection, (e.g., col. 8, lines 8 - 39, "configured policy"). 
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39. Referencing claim 12, as closely interpreted by the Examiner, Almulhem teaches 

40. a) distributing, by said fourth processor to said first processor, said set of configuration 
parameters, (e.g., col. 8, lines 8 - 39, "configured policy"); and 

41 . b) associating, by said first processor, said set of configuration parameters with said 
predetermined network packet such that said set of configuration parameters is passed, in 
combination with said predetermine network packet by said step of selectively distributing, to a 
predetermined one of said plurality of second processors, (e.g., col. 8, lines 40 - 59). 

42. Referencing claim 13, as closely interpreted by the Examiner, Almulhem teaches 

43. a) distributing, by said fourth processor to said second processors, said set of 
configuration parameters, (e.g., col. 8, lines 8 - 39, "configured policy "); and 

44. b) associating, by a predetermined one of said second processors, said set of 
configuration parameters with said predetermined network packet as passed by said step of 
selectively distributing, to said predetermined one of said plurality of second processors, (e.g., 
col. 7, lines 23 - 44 & col. 8, lines 40 - 59). 

45. Claims 16-18 and 21 - 24 are rejected for similar reasons as stated above. . 

Claim Rejections - 35 USC § 103 

46. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

47. Claims 7, 9 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Almulhem as applied to claims 1 - 6, 8 and 10-12 above, and in view of Arrow et al. (6226751) 
(hereinafter Arrow). 

48. As per claim 7, as closely interpreted by the Examiner, Almulhem does not specifically 
teach said data form conversion engine includes an encryption engine. Arrow teaches said data 
form conversion engine includes an encryption engine, (e.g., col. 10, lines 21 - 31). It would 
have been obvious to one of ordinary skill in the art, at the time the invention was conceived, 
combine Arrow with Almulhem because a strong encryption scheme can essentially guarantees 
privacy. 

49. As per claim 9, as closely interpreted by the Examiner, Almulhem teaches said compute 
intensive data processing function one or a combination of functions consisting of protocol 
translation, (e.g., col. 7, lines 23 - 44). Almulhem does not specifically teach said compute 
intensive data processing function one or a combination of functions selected from a group 
consisting of data encryption, decryption, compression and decompression. Arrow teaches said 
compute intensive data processing function one or a combination of functions selected from a 
group consisting of data encryption, decryption, compression and decompression, (e.g., col. 10, 
lines 21 - 31). It would have been obvious to one of ordinary skill in the art, at the time the 
invention was conceived, to combine Arrow with Almulhem because of similar reasons stated 
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above, furthermore utilizing compression formats requires less space than sending data 
uncompressed. 

50. Claim 14 is rejected for similar reasons as stated above. 

51. Claims 15 are rejected under 35 U.S. C. 103(a) as being unpatentable over Almulhem and 
Arrow as applied to claims 8, 10 - 12 and 14 above, and in view of Booth, III et al. (6668282) 
(hereinafter Booth). 

52. As per claim 1 5, as closely interpreted by the Examiner, Almulhem and Arrow do not 
specifically teach said compute intensive data processing function implements a conversion 
between an IP protocol and an IPsec protocol. Booth teaches said compute intensive data 
processing function implements a conversion between an IP protocol and an IPsec protocol, 
(e.g., col. 2, lines 25 - 45). It would have been obvious to one of ordinary skill in the art, at the 
time the invention was conceived, to combine Booth with the combine system of Almulhem and 
Arrow because a big advantage of IPSec is that security arrangements could be handled without 
requiring changes to individual user computers. 

53. Claims 19, 20 and 25 - 27 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Almulhem as applied to claims 16-18 and 21 above, and in view of Booth. 
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54. As per claim 19, as closely interpreted by the Examiner, Almulhem does not specifically 
teach said protocol transformation is an implementation of a secure IP protocol. Booth teaches 
said protocol transformation is an implementation of a secure IP protocol, (e.g., col. 2, lines 25 - 
45). It would have been obvious to one of ordinary skill in the art, at the time the invention was 
conceived, to combine Booth with Almulhem because of similar reasons stated above. 

55. As per claim 20 as closely interpreted by the Examiner, Almulhem does not specifically 
teach said logical connection is a virtual private network and wherein said protocol 
transformation implements a conversion between an IP protocol and an IPsec protocol. Booth 
teaches said logical connection is a virtual private network and wherein said protocol 
transformation implements a conversion between an IP protocol and an IPsec protocol, (e.g., col. 
2, lines 25 - 45). It would have been obvious to one of ordinary skill in the art, at the time the 
invention was conceived, to combine Booth with Almulhem because of similar reasons stated 
above. 

56. As per claim 26, as closely interpreted by the Examiner, Almulhem teaches said control 
processor is coupled through said switch fabric to transfer said protocol processing parameters to 
a data table stored by said ingress processor, wherein said ingress processor dynamically attaches 
headers selectively containing said protocol processing parameters to data packets prior to 
transfer to said parallel array of protocol processors, the selection of said protocol processing 
parameters being dependent on information contained in respective data packets, (e.g., col. 9, 
lines 22-58). 
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57. Claims 25 and 27 are rejected for similar reasons as stated above. 



Conclusion 



58. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

59. a. Bendinelli et al. U.S. Patent No. 6631416 discloses Methods and systems for 
enabling a tunnel between two computers on a network. 

60. b. Weldon et al. U.S. Patent No. 6366563 discloses Method, computer program 
product, and apparatus for collecting service level agreement statistics in a communication 
network. 

61. c. Boudreau et al U.S. Patent No. 6788692 discloses Network switch load 
balancing. 

62. d. Cheesman et al. U.S. Patent No. 6680933 discloses Telecommunications switches 
and methods for their operation. 

63. e. Rajakarunanayake U.S. Patent No. 676588 1 discloses Virtual L2TP/VPN tunnel 
network and spanning tree-based method for discovery of L2TP/VPN tunnels and other layer-2 
services. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David E. England whose telephone number is 571-272-3912. 
The examiner can normally be reached on Mon-Thur, 7:00-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David A. Wiley can be reached on 571-272-3923. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



David E. England 

Examiner 
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